# Report 2022-05  

## News

 - [Who Owns the Data Your Car Collects?](https://www.consumerreports.org/automotive-technology/who-owns-the-data-your-car-collects)
 - [Top Mental Health and Prayer Apps Fail Spectacularly at Privacy, Security](https://foundation.mozilla.org/en/blog/top-mental-health-and-prayer-apps-fail-spectacularly-at-privacy-security)
 - [Grindr sold users’ location data for years, may have outed Catholic priest: report](https://nypost.com/2022/05/02/grindr-sold-data-about-users-precise-locations-for-years-report)
 - [CDC Tracked Millions of Phones to See If Americans Followed COVID Lockdown Orders](https://www.vice.com/en/article/m7vymn/cdc-tracked-phones-location-data-curfews)
 - [Data Broker Is Selling Location Data of People Who Visit Abortion Clinics](https://www.vice.com/en/article/m7vzjb/location-data-abortion-clinics-safegraph-planned-parenthood)
 - [India Orders VPN Companies to Collect and Hand Over User Data](https://www.cnet.com/news/privacy/india-orders-vpn-companies-to-collect-and-hand-over-user-data)
 - [Thomson Reuters to Review Human Rights Impact of its Data Collection for ICE](https://www.eff.org/deeplinks/2022/05/thomson-reuters-review-human-rights-impact-its-data-collection-ice)
 - [ICE Is a Domestic Surveillance Agency](https://www.schneier.com/blog/archives/2022/05/ice-is-a-domestic-surveillance-agency.html)
 - [Thousands of Popular Websites See What You Type—Before You Hit Submit](https://www.wired.com/story/leaky-forms-keyloggers-meta-tiktok-pixel-study)
 - [The EU Commission’s New Proposal Would Undermine Encryption And Scan Our Messages](https://www.eff.org/deeplinks/2022/05/eu-commissions-new-proposal-would-undermine-encryption-and-scan-our-messages)
 - [YikYak Is Exposing Millions of User Locations](https://theresponsetimes.com/yikyak-is-exposing-user-locations)
 - [Data Marketplace Selling Info About Who Uses Period Tracking Apps](https://www.vice.com/en/article/v7d9zd/data-marketplace-selling-clue-period-tracking-data)
 - [“How Dare They Peep into My Private Life?” Children’s Rights Violations by Governments that Endorsed Online Learning During the Covid-19 Pandemic](https://www.hrw.org/report/2022/05/25/how-dare-they-peep-my-private-life/childrens-rights-violations-governments)
 - [Vodafone plans carrier-level user tracking for targeted ads](https://www.bleepingcomputer.com/news/security/vodafone-plans-carrier-level-user-tracking-for-targeted-ads)
 - [Meta faces large fine for breaching children’s privacy on Instagram service](https://www.irishtimes.com/ireland/2022/05/30/dpc-instagram)

## Data Breaches

 - [Amart Furniture Warranty Customers Data Breach](https://www.ozbargain.com.au/node/701231)
 - [Ransomware attack exposes data of 500,000 Chicago students](https://www.bleepingcomputer.com/news/security/ransomware-attack-exposes-data-of-500-000-chicago-students/)
 - [Parker Hannifin reveals cyber-attack exposed sensitive data of 119,000 individuals](https://portswigger.net/daily-swig/parker-hannifin-reveals-cyber-attack-exposed-sensitive-data-of-119-000-individuals)

## Paper/Report

 - [WtaGraph: Web Tracking and Advertising Detection using Graph Neural Networks](https://www.computer.org/csdl/proceedings-article/sp/2022/131600a001/1wKCdYgQOJO)
 - [Leaky Forms: A Study of Email and Password Exfiltration Before Form Submission](https://homes.esat.kuleuven.be/~asenol/leaky-forms)
 - [The Biggest Data Breach: ICCL report on the scale of Real-Time Bidding data broadcasts in the U.S. and Europe](https://www.iccl.ie/digital-data/iccl-report-on-the-scale-of-real-time-bidding-data-broadcasts-in-the-u-s-and-europe)
 - [Evil Never Sleeps: When Wireless Malware Stays On After Turning Off iPhones](https://arxiv.org/abs/2205.06114)
 - [Evaluating Physical-Layer BLE Location Tracking Attacks on Mobile Devices](https://wcsng.ucsd.edu/ble-privacy)
